2018-05-28 21:12:29 +02:00
|
|
|
#!/bin/bash
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2020-01-02 22:15:46 +01:00
|
|
|
# Copyright 2005-2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
|
2009-08-26 17:00:38 +02:00
|
|
|
# All rights reserved.
|
|
|
|
#
|
|
|
|
# Redistribution and use of this script, with or without modification, is
|
|
|
|
# permitted provided that the following conditions are met:
|
|
|
|
#
|
|
|
|
# 1. Redistributions of this script must retain the above copyright
|
|
|
|
# notice, this list of conditions and the following disclaimer.
|
|
|
|
#
|
|
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
|
|
|
|
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
|
|
|
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
|
|
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
|
|
|
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
|
|
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
|
|
|
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
|
|
|
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
2018-05-28 21:12:29 +02:00
|
|
|
cd $(dirname $0) ; CWD=$(pwd)
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
PKGNAM=shadow
|
2016-06-30 22:26:57 +02:00
|
|
|
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
|
2020-05-08 23:25:24 +02:00
|
|
|
BUILD=${BUILD:-6}
|
2010-05-19 10:58:23 +02:00
|
|
|
|
|
|
|
# Automatically determine the architecture we're building on:
|
|
|
|
if [ -z "$ARCH" ]; then
|
|
|
|
case "$( uname -m )" in
|
2018-05-28 21:12:29 +02:00
|
|
|
i?86) export ARCH=i586 ;;
|
2010-05-19 10:58:23 +02:00
|
|
|
arm*) export ARCH=arm ;;
|
|
|
|
# Unless $ARCH is already set, use uname -m for all other archs:
|
|
|
|
*) export ARCH=$( uname -m ) ;;
|
|
|
|
esac
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2018-05-28 21:12:29 +02:00
|
|
|
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
|
|
|
|
# the name of the created package would be, and then exit. This information
|
|
|
|
# could be useful to other scripts.
|
|
|
|
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
|
|
|
|
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
|
2018-09-21 20:51:07 +02:00
|
|
|
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
|
2011-04-25 15:37:00 +02:00
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
TMP=${TMP:-/tmp}
|
|
|
|
PKG=$TMP/package-shadow
|
|
|
|
|
2018-05-28 21:12:29 +02:00
|
|
|
if [ "$ARCH" = "i586" ]; then
|
|
|
|
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
2020-02-07 23:32:38 +01:00
|
|
|
LIBDIRSUFFIX=""
|
2010-05-19 10:58:23 +02:00
|
|
|
elif [ "$ARCH" = "s390" ]; then
|
|
|
|
SLKCFLAGS="-O2"
|
2020-02-07 23:32:38 +01:00
|
|
|
LIBDIRSUFFIX=""
|
2010-05-19 10:58:23 +02:00
|
|
|
elif [ "$ARCH" = "x86_64" ]; then
|
|
|
|
SLKCFLAGS="-O2 -fPIC"
|
2020-02-07 23:32:38 +01:00
|
|
|
LIBDIRSUFFIX="64"
|
2010-05-19 10:58:23 +02:00
|
|
|
else
|
|
|
|
SLKCFLAGS="-O2"
|
2020-02-07 23:32:38 +01:00
|
|
|
LIBDIRSUFFIX=""
|
2010-05-19 10:58:23 +02:00
|
|
|
fi
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
rm -rf $PKG
|
|
|
|
mkdir -p $TMP $PKG
|
|
|
|
cd $TMP
|
|
|
|
rm -rf shadow-$VERSION
|
2016-06-30 22:26:57 +02:00
|
|
|
tar xvf $CWD/shadow-$VERSION.tar.xz || exit 1
|
2009-08-26 17:00:38 +02:00
|
|
|
cd shadow-$VERSION
|
|
|
|
|
2020-02-07 23:32:38 +01:00
|
|
|
# Choose correct options depending on whether PAM is installed:
|
|
|
|
if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
|
|
|
|
PAM_OPTIONS="--with-libpam"
|
|
|
|
unset SHADOW_OPTIONS
|
2020-05-08 23:25:24 +02:00
|
|
|
# By default, use the shadow version of /bin/su:
|
|
|
|
SHIP_SU=${SHIP_SU:-YES}
|
2020-02-07 23:32:38 +01:00
|
|
|
else
|
|
|
|
unset PAM_OPTIONS
|
|
|
|
SHADOW_OPTIONS="--enable-shadowgrp --without-libcrack"
|
2020-05-08 23:25:24 +02:00
|
|
|
# By default, use the shadow version of /bin/su:
|
|
|
|
SHIP_SU=${SHIP_SU:-YES}
|
2020-02-07 23:32:38 +01:00
|
|
|
fi
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# Apply some patches taken from the svn trunk that
|
|
|
|
# fix some of the more serious bugs in 4.1.4.3:
|
|
|
|
for patch in $CWD/patches/*.diff.gz ; do
|
|
|
|
zcat $patch | patch -p0 --verbose || exit 1
|
|
|
|
done
|
|
|
|
|
2016-06-30 22:26:57 +02:00
|
|
|
# Relax the restrictions on "su -c" when it is used to become root.
|
|
|
|
# It's not likely that root is going to try to inject commands back into
|
|
|
|
# the user's shell to hack it, and the unnecessary restriction is causing
|
|
|
|
# breakage:
|
|
|
|
zcat $CWD/shadow.CVE-2005-4890.relax.diff.gz | patch -p1 --verbose || exit 1
|
2012-09-26 03:10:42 +02:00
|
|
|
|
2018-05-28 21:12:29 +02:00
|
|
|
# Even if gethostname() returns the FQDN (long hostname), just display the
|
|
|
|
# short version up to the first '.' on the login prompt:
|
|
|
|
zcat $CWD/shadow.login.display.short.hostname.diff.gz | patch -p1 --verbose || exit 1
|
|
|
|
|
2020-01-27 01:48:51 +01:00
|
|
|
# Add missing file:
|
|
|
|
if [ ! -r man/login.defs.d/HOME_MODE.xml ]; then
|
|
|
|
zcat $CWD/HOME_MODE.xml.gz > man/login.defs.d/HOME_MODE.xml
|
|
|
|
fi
|
|
|
|
|
2009-08-26 17:00:38 +02:00
|
|
|
chown -R root:root .
|
|
|
|
find . \
|
|
|
|
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
2019-09-30 23:08:32 +02:00
|
|
|
-exec chmod 755 {} \+ -o \
|
2009-08-26 17:00:38 +02:00
|
|
|
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
2019-09-30 23:08:32 +02:00
|
|
|
-exec chmod 644 {} \+
|
2009-08-26 17:00:38 +02:00
|
|
|
|
2018-11-17 04:03:49 +01:00
|
|
|
if [ ! -r ./configure ]; then
|
|
|
|
./autogen.sh
|
|
|
|
fi
|
|
|
|
|
2010-05-19 10:58:23 +02:00
|
|
|
CFLAGS="$SLKCFLAGS" \
|
2009-08-26 17:00:38 +02:00
|
|
|
./configure \
|
|
|
|
--prefix=/usr \
|
2019-12-07 01:22:04 +01:00
|
|
|
--sbindir=/usr/sbin \
|
|
|
|
--bindir=/usr/bin \
|
2010-05-19 10:58:23 +02:00
|
|
|
--sysconfdir=/etc \
|
|
|
|
--mandir=/usr/man \
|
|
|
|
--docdir=/usr/doc/shadow-$VERSION \
|
2018-11-17 04:03:49 +01:00
|
|
|
--enable-man \
|
2016-06-30 22:26:57 +02:00
|
|
|
--enable-subordinate-ids \
|
2009-08-26 17:00:38 +02:00
|
|
|
--disable-shared \
|
2020-02-17 22:32:15 +01:00
|
|
|
--with-group-name-max-length=32 \
|
2020-02-07 23:32:38 +01:00
|
|
|
$SHADOW_OPTIONS \
|
|
|
|
$PAM_OPTIONS \
|
2009-08-26 17:00:38 +02:00
|
|
|
--build=$ARCH-slackware-linux
|
|
|
|
|
2010-05-19 10:58:23 +02:00
|
|
|
# --enable-utmpx # defaults to 'no'
|
|
|
|
|
|
|
|
make $NUMJOBS || make || exit 1
|
|
|
|
make install DESTDIR=$PKG || exit 1
|
|
|
|
|
|
|
|
# Fix user group = 100:
|
|
|
|
zcat $CWD/useradd.gz > $PKG/etc/default/useradd
|
2018-11-17 04:03:49 +01:00
|
|
|
mv $PKG/etc/default/useradd $PKG/etc/default/useradd.new
|
2010-05-19 10:58:23 +02:00
|
|
|
|
2019-12-07 01:22:04 +01:00
|
|
|
# Put some stuff back in "old" locations and make symlinks for compat
|
|
|
|
mkdir -p $PKG/bin $PKG/sbin
|
|
|
|
( cd $PKG/usr/bin
|
|
|
|
mv groups ../../bin
|
|
|
|
mv login ../../bin
|
|
|
|
mv su ../../bin
|
|
|
|
mv faillog ../sbin
|
|
|
|
mv lastlog ../sbin
|
|
|
|
ln -s ../sbin/faillog
|
|
|
|
ln -s ../sbin/lastlog
|
|
|
|
)
|
|
|
|
mv $PKG/usr/sbin/nologin $PKG/sbin/nologin
|
|
|
|
|
2020-02-07 23:32:38 +01:00
|
|
|
if [ ! -z "$PAM_OPTIONS" ]; then
|
|
|
|
# Don't ship the login utilities. We'll be using the ones from util-linux:
|
2020-05-08 23:25:24 +02:00
|
|
|
for file in /bin/login /sbin/runuser /usr/bin/chfn /usr/bin/chsh \
|
2020-02-07 23:32:38 +01:00
|
|
|
/usr/man/man1/chfn.1.gz /usr/man/man1/chsh.1.gz /usr/man/man1/login.1.gz \
|
2020-05-08 23:25:24 +02:00
|
|
|
/usr/man/man1/runuser.1.gz ; do
|
2020-02-07 23:32:38 +01:00
|
|
|
rm -f $PKG${file}
|
|
|
|
done
|
|
|
|
# Install config files in /etc/pam.d/. We'll use our own copies... I'm not
|
|
|
|
# sure that I trust upstream enough to let them handle this stuff.
|
|
|
|
rm -rf $PKG/etc/pam.d
|
|
|
|
mkdir -p $PKG/etc/pam.d
|
|
|
|
for file in $CWD/pam.d/* ; do
|
|
|
|
cp -a ${file} $PKG/etc/pam.d/
|
|
|
|
done
|
2020-05-08 23:25:24 +02:00
|
|
|
if [ "$SHIP_SU" = "YES" ]; then
|
|
|
|
cp -a $CWD/pam.d-su/* $PKG/etc/pam.d/
|
|
|
|
fi
|
2020-02-07 23:32:38 +01:00
|
|
|
# Ensure correct perms/ownership on files in /etc/pam.d/:
|
|
|
|
chown root:root $PKG/etc/pam.d/*
|
|
|
|
chmod 644 $PKG/etc/pam.d/*
|
|
|
|
# Don't clobber existing config files:
|
|
|
|
find $PKG/etc/pam.d -type f -exec mv {} {}.new \;
|
|
|
|
# Install a login.defs with unsurprising defaults:
|
|
|
|
rm -f $PKG/etc/login.defs
|
|
|
|
zcat $CWD/login.defs.pam.gz > $PKG/etc/login.defs.new
|
|
|
|
else # not using PAM
|
|
|
|
mv $PKG/etc/login.access $PKG/etc/login.access.new
|
|
|
|
# Install a login.defs with unsurprising defaults:
|
|
|
|
rm -f $PKG/etc/login.defs
|
|
|
|
zcat $CWD/login.defs.shadow.gz > $PKG/etc/login.defs.new
|
|
|
|
fi
|
|
|
|
|
2020-05-08 23:25:24 +02:00
|
|
|
# If we aren't using this version of su, remove the files:
|
|
|
|
if [ "$SHIP_SU" = "NO" ]; then
|
|
|
|
rm $PKG/bin/su
|
|
|
|
find $PKG/usr/man -name su.1 | xargs rm
|
|
|
|
find $PKG/usr/man -name suauth.5 | xargs rm
|
|
|
|
fi
|
|
|
|
|
2010-05-19 10:58:23 +02:00
|
|
|
# /bin/groups is provided by coreutils.
|
|
|
|
rm -f $PKG/bin/groups
|
2019-09-30 23:08:32 +02:00
|
|
|
find $PKG -name groups.1 -exec rm {} \+
|
2010-05-19 10:58:23 +02:00
|
|
|
|
|
|
|
# I don't think this works well enough to recommend it.
|
|
|
|
#mv $PKG/etc/limits $PKG/etc/limits.new
|
|
|
|
rm -f $PKG/etc/limits
|
|
|
|
|
|
|
|
# Add the friendly 'adduser' script:
|
2009-08-26 17:00:38 +02:00
|
|
|
cat $CWD/adduser > $PKG/usr/sbin/adduser
|
2010-05-19 10:58:23 +02:00
|
|
|
chmod 0755 $PKG/usr/sbin/adduser
|
|
|
|
|
|
|
|
# Add sulogin to the package:
|
|
|
|
cp -a src/sulogin $PKG/sbin
|
|
|
|
( cd $PKG/bin ; ln -s ../sbin/sulogin )
|
2020-05-08 23:25:24 +02:00
|
|
|
cp -a ./man/zh_CN/man8/sulogin.8 $PKG/usr/man/zh_CN/man8/sulogin.8 || exit 1
|
|
|
|
cp -a ./man/ru/man8/sulogin.8 $PKG/usr/man/ru/man8/sulogin.8 || exit 1
|
|
|
|
cp -a ./man/de/man8/sulogin.8 $PKG/usr/man/de/man8/sulogin.8 || exit 1
|
|
|
|
cp -a ./man/ja/man8/sulogin.8 $PKG/usr/man/ja/man8/sulogin.8 || exit 1
|
|
|
|
cp -a ./man/man8/sulogin.8 $PKG/usr/man/man8/sulogin.8 || exit 1
|
2010-05-19 10:58:23 +02:00
|
|
|
|
|
|
|
# Add the empty faillog log file:
|
|
|
|
mkdir -p $PKG/var/log
|
|
|
|
touch $PKG/var/log/faillog.new
|
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# Use 4711 rather than 4755 permissions where setuid root is required:
|
2019-09-30 23:08:32 +02:00
|
|
|
find $PKG -type f -perm 4755 -exec chmod 4711 "{}" \+
|
2010-05-19 10:58:23 +02:00
|
|
|
|
|
|
|
# Compress and if needed symlink the man pages:
|
|
|
|
if [ -d $PKG/usr/man ]; then
|
|
|
|
( cd $PKG/usr/man
|
|
|
|
for manpagedir in $(find . -type d -name "man*") ; do
|
|
|
|
( cd $manpagedir
|
|
|
|
for eachpage in $( find . -type l -maxdepth 1) ; do
|
|
|
|
ln -s $( readlink $eachpage ).gz $eachpage.gz
|
|
|
|
rm $eachpage
|
|
|
|
done
|
|
|
|
gzip -9 *.?
|
|
|
|
)
|
|
|
|
done
|
|
|
|
)
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
mkdir -p $PKG/usr/doc/shadow-$VERSION
|
|
|
|
cp -a \
|
2011-04-25 15:37:00 +02:00
|
|
|
COPYING* NEWS README* TODO doc/{README*,HOWTO,WISHLIST,*.txt} \
|
2009-08-26 17:00:38 +02:00
|
|
|
$PKG/usr/doc/shadow-$VERSION
|
2010-05-19 10:58:23 +02:00
|
|
|
|
2011-04-25 15:37:00 +02:00
|
|
|
# If there's a ChangeLog, installing at least part of the recent history
|
|
|
|
# is useful, but don't let it get totally out of control:
|
|
|
|
if [ -r ChangeLog ]; then
|
|
|
|
DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
|
|
|
|
cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
|
|
|
|
touch -r ChangeLog $DOCSDIR/ChangeLog
|
|
|
|
fi
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
mkdir -p $PKG/install
|
|
|
|
cat $CWD/slack-desc > $PKG/install/slack-desc
|
2010-05-19 10:58:23 +02:00
|
|
|
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
|
2009-08-26 17:00:38 +02:00
|
|
|
|
|
|
|
cd $PKG
|
2010-05-19 10:58:23 +02:00
|
|
|
/sbin/makepkg -l y -c n $TMP/shadow-$VERSION-$ARCH-$BUILD.txz
|